Skip to content ↓ | Skip to navigation ↓

Looking for a great Information Security podcast? There are plenty to choose from! Here’s a roundup of currently active Information Security podcasts.

The list is split into two categories: podcasts run by people representing themselves (meaning they are not speaking for a company) and podcasts produced under the name of a company. I made the distinction because many people would like to know if there might be any bias in opinions. Don’t let company-run podcasts dissuade you from listening, however; some of the best, bias-free podcasts are company-sponsored.

Individual Podcasts:

Take 1 Security Podcast
Format
: News, analysis
Frequency: Weekly to monthly
Information: A news and analysis podcast hosted by Daniel Miessler in which he reads several top security stories in one take. Take 1 is a great podcast for consuming a large amount of news in a short amount of time. The analysis by the host is always spot-on.

Brakeing Down Security
Format
: News, analysis, interviews
Frequency: Weekly
Information: Brian Brake and Brian Boettcher host this long-running podcast that features news, analysis and guest interviews. The passion the hosts have for security really comes through in the podcast and interviews.

Data Driven Security
Format
: Analysis, interviews
Frequency: Approximately six times per year
Information: Jay Jacobs and Bob Rudis, authors of the book “Data Driven Security,” discuss data science in the information security field. This is a must-listen podcast if you are interested in data visualization and data analysis.

Defensive Security Podcast
Format
: News, analysis
Frequency: Weekly
Information: Hosted by Jerry Bell and Andrew Kalat, this podcast offers a very entertaining analysis of the week’s top security stories.

Down the Security Rabbithole
Format
: News, analysis, interview
Frequency: Weekly
Information: This podcast, hosted by Rafal Los, James Jardine and Michael Santarcangelo, offers analysis on significant security stories in the news, often with guests.

NETSEC TL;DR
Format
: News
Frequency: Weekly
Information: A new podcast on the scene and one of my favorites. It’s hosted by Rob Fuller and essentially takes the top 10 netsec articles from Reddit and gives the listener the tl;dr version. There are a few podcasts that give a quick rundown of news, but Rob’s passion and knowledge really makes this one great.

OWASP 24/7
Format
: Analysis, interview
Frequency: Several times a month
Information: Interesting podcast put on by the folks at The Open Web Application Security Project (OWASP). OWASP is a community-driven non-profit project, and the podcast features interviews and analysis on the topic of web application security.

Paul’s Security Weekly
Format
: News, analysis, interview
Frequency: Weekly
Information: The longest-running security podcast on this list, Paul’s Security Weekly has been going strong since 2005, featuring news, analysis and interviews with people in the security industry.

Southern Fried Security Podcast
Format
: News, analysis, interview
Frequency: Weekly
Information: My personal favorite podcast on this list – Southern Fried Security Podcast is hosted by Andy Willingham, Martin Fisher and Steve Ragan, and focuses on leadership and management aspects in information security.

Risky Business
Format
: News, analysis, interview
Frequency: Weekly
Information: An Australian-based podcast that features the latest security news, analysis and guest interviews.

The Risk Science Podcast
Format
: News, analysis, interview
Frequency: Approximately 4-6 episodes per year
Information: Somewhat sporadic, yet unique podcast that looks at the risk management and decision science aspects of information security.

The Standard Deviant Security Podcast
Format
: Interview
Frequency: Bi-weekly
Information: DISCLAIMER: this is my podcast, so I’m not going to review or editorialize. This is an interview-only podcast, focusing on the people that are solving problems in the information security field.

Company Podcasts:

2 Minute Cyber Security Briefing
Format
: News
Frequency: Weekly
Information: The title says it all!

*InfoSecurity-branded podcasts
Format
: News, interview
Frequency: Bi-weekly
Information: This is a set of podcasts from the same company, ISMG Corp. The podcasts include Banking InfoSecurity, DataBreachToday, CareersInfoSecurity, HealthInfoSecurity, etc. There is something new nearly every day and good to listen to if you have a particular interest in one of the sectors they cover. These are all available on iTunes.

SANS Internet Storm Center Podcast
Format
: News
Frequency: Daily
Information: Amazingly reliable, daily 5-10 minute podcast that recaps the latest security headlines.

Security Current Podcast
Format
: News, interview
Frequency: 1-2 times a week
Information: Produced by the folks behind the Security Current news site, this podcast features interviews with experts in IT and Information Security.

Security Now
Format
: News, analysis
Frequency: Weekly
Information: A podcast from the vendor of a hard drive recovery company. The few episodes I listened to have several technical inaccuracies – your mileage may vary.

Threatpost Digital Underground
Format
: News, interview
Frequency: Twice a week
Information: Kaspersky Lab’s podcast has been going since 2008 and features current events and guest interviews.

Tripwire’s Security Slice Podcast
Format: News, analysis, interview
Frequency: 2-8 times a month
Information: DISCLAIMER: Tripwire is hosting this blog post, but did not edit the content of this review. Security Slice has been around for a very long time – its one of the first security podcasts I listened to and is still one of my favorites today. Hosted by Shelley Boose, this podcast takes the biggest issues of the week and invites guests to comment and give analysis.

Did I miss any that you enjoy listening to? Leave it in the comments below, or let me know on Twitter @tdmv.

 

About the Author: Tony Martin-Vegue is a 20-year Information Security veteran with expertise in network operations, cryptography and risk management. He’s worked for large global organizations, leading cyber-crime programs, enterprise risk management and security programs. He is a blogger and host of The Standard Deviant Security Podcast, a podcast that, with candor and cleverness, holds up a mirror to industry truths.Tony holds a Bachelor of Science in Business Economics from the University of San Francisco and has many certifications such as CISSP, CISM and CEH.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

Title image courtesy of ShutterStock

Hacking Point of Sale
  • Tony…there is a new blog being produced by a young entrepreneur and veteran you may want to check out. The Sphere Podcast.. .http://sphericaldefense.com/the-sphere-podcast/

    He is really enthusiastic and wants to further security education for those just entering the world of security by drawing on experienced professionals who have been practicing security for years.

  • Tony Martin-Vegue

    Thanks, Terry. I just subscribed to podcast and looking forward to listening to it.

  • Hi Tony,

    Thanks for the list. I'm an avid podcast listener myself as well as a producer of one myself. I wanted to share my little known podcast for your consideration the next time you do your list. It's the insecurity podcast, found at http://in-security.org/ , and the objective is to get non-security professionals people interested in information security the knowledge they need to either get into the information security profession, or at least embed security best practices into their daily lives. We keep wanting to produce more frequently than we do, but it's our hobby in our free time that we do only to give back to the community, and we typically get around to producing only one a month.

    I'd also recommend the social engineering podcast in the commercial category. They can be found at http://www.social-engineer.org/ and they run the SE village at defcon, as well as do the social engineering contest. The content is usually quite good and seems to me the biggest vulnerability in any organization.

    Cheers,
    Max